×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Fraud Strategist - Login and Auth

Job in Charlotte, Mecklenburg County, North Carolina, 28245, USA
Listing for: SoFi
Full Time position
Listed on 2026-07-08
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 90000 - 130000 USD Yearly USD 90000.00 130000.00 YEAR
Job Description & How to Apply Below

The Fraud Strategist, Login and Auth owns the perimeter of the SoFi platform, operating at the intersection of adversarial threat intelligence, device forensics, and real‑time decisioning. You will design fraud strategy across login, password reset, MFA, step‑up, and high‑risk session events, calibrated against perimeter threats including account takeover (ATO), authorized scams, credential stuffing, MFA bombing, OTP interception, SIM swap, adversary‑in‑the‑middle phishing, and emulator‑driven bot traffic.

You will work with device intelligence, behavioral biometrics, network reputation, and device‑graph forensics to attribute risk to entities, not just sessions. You will partner with EPD, IAM, Fraud Ops, Info Sec, and risk teams to translate signals into production policy that scales across Money, Invest, Crypto, Card, and Lending.

By joining SoFi, you’ll be part of a forward‑thinking company transforming financial services for the better, with the energy of a startup and the stability of a leading institution.

What You’ll Do
  • Own the end‑to‑end login risk strategy across web and mobile authentication surfaces: signal selection, rule construction, threshold tuning, champion/challenger lifecycle, and rule‑level loss attribution.
  • Architect perimeter‑threat defense covering ATO, scam interception (authorized push payment, remote access, impostor, investment), MFA bombing, OTP interception, SIM swap, and adversary‑in‑the‑middle phishing. Translate live telemetry into production rule changes within hours.
  • Drive device forensics at depth: device fingerprinting, emulator and VM detection, jailbreak/root signals, residential‑proxy detection, and entity‑level device‑graph analysis to surface coordinated abuse hidden under clean sessions.
  • Design step‑up authentication, account recovery, and high‑risk transaction decisioning that synthesizes device, behavioral, network, and credential‑risk signals into a single decision, with explicit false‑positive rate budgets per surface.
  • Lead 3DS, CNP, and tokenization risk decisioning for card‑not‑present transactions, coordinating with issuer processing and network rules to optimize approval rate without ceding losses.
  • Partner with Info Sec threat intel on credential‑capture campaigns and translate intelligence into rule changes inside the live policy stack.
What You’ll Need
  • BA/BS in Statistics, Information Systems, Mathematics, Data Science, or related fields, or equivalent work experience, and 5–8 years in Fraud Analytics, Authentication Risk, or Adversarial Security Engineering.
  • ATO and Scam Defense:
    Track record reducing account takeover and scam losses across banking, card, and crypto surfaces. Comfort across the full kill chain: credential exposure, login compromise, in‑session manipulation, and money movement out.
  • Perimeter Threat Fluency:
    Knowledge of credential stuffing, MFA bombing, OTP interception, SIM swap, adversary‑in‑the‑middle phishing, residential‑proxy abuse, and emulator‑driven automation; ability to respond at the policy layer from telemetry.
  • Device Forensics:
    Experience with device fingerprinting, emulator/VM detection, jailbreak/root signals, behavioral biometrics, and device‑graph analysis.
  • Authentication Stack Depth:
    Working knowledge of FIDO2/passkeys, OAuth/OIDC, 3DS, tokenization, and trade‑offs between approval rate and loss exposure on CNP flows.
  • Balance Friction and Growth:
    Ability to evaluate trade‑offs between fraud mitigation and user experience, with data to support decisions.
  • Architect Scalable Data Systems:
    Advanced SQL/Python skills to build automated, high‑volume data architectures and models for global risk detection.
  • Drive Strategic Influence:
    Proactive collaborator who can align EPD, IAM, Info Sec, and Fraud Ops on policy changes and own end‑to‑end execution in dynamic environments.
  • Founders’ Mentality:
    Positive, proactive attitude; ability to identify problems, propose solutions, and advocate for initiatives.
Compensation and Benefits

The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate’s experience, skills, and location. To view all of our…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary